Portable secure element

ABSTRACT

Transferring control of a secure element between TSMs comprises a zone master key established between the TSMs that facilitates encryption of a temporary key. The TSMs create the zone master key prior to initiation of transfer of control. Once transfer of control is initiated, the first TSM establishes a communication channel and deletes its key from the secure element. The first TSM creates a temporary key that is encrypted with the zone master key established between the first TSM and the second TSM. The encrypted temporary key is communicated to the second TSM with a device identifier. The second TSM decrypts the temporary key using the zone master key and identifies the user device using the device identifier. The new TSM establishes a communication channel and deletes the temporary key from the secure element. The new TSM then inputs and saves its key into the secure element.

RELATED APPLICATIONS

This application claims priority to U.S. Provisional Patent ApplicationNo. 61/604,503, filed Feb. 28, 2012 and entitled “Portable SecureElement.” The entire contents of the above-identified priorityapplication are hereby fully incorporated herein by reference.

TECHNICAL FIELD

The present disclosure relates generally to a mobile communicationdevice, and more particularly to methods and systems that enable usersto select from available trusted service managers (“TSMs”) forcompleting secure transactions, communications, and other tasks.

BACKGROUND

The current near field communication (“NFC”) eco-system relies on apiece of hardware commonly referred to as a “secure element” installedon communication devices to provide a secure operation environment forfinancial transactions, transit ticketing, identification andauthentication, physical security access, and other functions. A secureelement generally includes its own operating environment with atamper-proof microprocessor, memory, and operating system. A trustedservice manager (“TSM”), among other things, installs, provisions, andpersonalizes the secure element. The secure element has one or moreaccess keys that are typically installed at manufacture time. Acorresponding key is shared by the TSM so that the TSM can establish acryptographically secure channel to the secure element for installation,provisioning, and personalization of the secure element while the devicehaving the secure element is in the possession of an end user. In thisway, the secure element can remain secure even if the host CPU in thedevice has been compromised.

One deficiency with current NFC systems is that a tight coupling existsbetween the secure element and the TSM. For current deployments, onlyone TSM has access to the keys of a particular secure element.Therefore, the end user can choose to provision secure element featuresthat are supplied by the one TSM only. This TSM typically is chosen bythe manufacturer of the device. For example, a smart phone manufacturermay select the TSM for smart phones under guidance from a mobile networkoperator (“MNO”), such as Sprint or Verizon, that purchases the smartphone rather than the end user. Thus, the TSM features available to theend user may not be in the end user's interest. As an example, the MNOmay have a business relationship with one payment provider, such asMasterCard or Bank of America, only. That TSM may allow the secureelement to be provisioned with payment instructions from the one paymentprovider only. Thus, the end user would not be able to access servicesfrom other payment providers, such as VISA.

SUMMARY

In certain exemplary aspects, a method and system of transferringcontrol of a secure element between TSMs comprises a zone master keyestablished between the TSMs that facilitates encryption of a temporarykey during the transfer process. The TSMs establish an agreement to andcreate a zone master key prior to the initiation of a transfer ofcontrol. Once a transfer of control is initiated, the first TSMestablishes a communication channel with the secure element and deletesits key. The first TSM creates a temporary key. The temporary key isencrypted with the zone master key established between the first TSM andthe second TSM and the encrypted temporary key is communicated to thesecond TSM with a device identifier. The second TSM decrypts thetemporary key using the zone master key and identifies the user deviceusing the device identifier. The new TSM establishes a securecommunication channel with the secure element and deletes the temporarykey. The new TSM then inputs and saves its key into the secure element.In one exemplary aspect, the first TSM may transfer control of thesecure element to a mediator TSM, which then transfers control of thesecure element to the second TSM.

These and other aspects, objects, features, and advantages of theexemplary embodiments will become apparent to those having ordinaryskill in the art upon consideration of the following detaileddescription of illustrated exemplary embodiments, which include the bestmode of carrying out the invention as presently presented.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram depicting an operating environment for asystem for transferring control of a secure element using a zone masterkey according to an exemplary embodiment.

FIG. 2 is a block diagram depicting an operating environment for asystem for device-mediated transfer of control of a secure elementaccording to an exemplary embodiment.

FIG. 3 is a block flow diagram depicting a method for transferringcontrol of a secure element using a zone master key according to anexemplary embodiment.

FIG. 4 is a block flow diagram depicting a method for creating a zonemaster key according to an exemplary embodiment.

FIG. 5 is a block flow diagram depicting a method for transferringcontrol of a secure element from TSM A to TSM B according to anexemplary embodiment.

FIG. 6 is a block flow diagram depicting a method for device-mediatedtransfer of control of a secure element according to an exemplaryembodiment.

FIG. 7 is a block flow diagram depicting a method for transferringcontrol of a secure element from TSM A to a mobile network operator TSMaccording to an exemplary embodiment.

FIG. 8 is a block flow diagram depicting a method for transferringcontrol of a secure element from a mobile network operator TSM to TSM Baccording to an exemplary embodiment.

DETAILED DESCRIPTION OF EXEMPLARY EMBODIMENTS Overview

The exemplary embodiments provide methods and systems that enable usersto transfer control of a secure element from one TSM to another using azone master key established between the TSMs. The TSMs establish anagreement to and create a zone master key prior to the initiation of atransfer of control. The zone master key facilitates encryption of atemporary key used to transfer control from one TSM to another. In anexemplary embodiment, the zone maser key is a shared symmetric key. Thetemporary key exchange may occur by encrypting the temporary key with apre-shared symmetric key. In an alternative exemplary embodiment thetemporary key exchange may occur by making use of PKI infrastructure, inwhich the temporary keys can be encrypted by the source TSM (forexample, TSM A) with the public key published by the target TSM (forexample, TSM B). In an exemplary embodiment, control of the secureelement may be transferred from TSM A directly to TSM B using atemporary key encrypted by the zone master key established between TSM Aand TSM B. In an alternative exemplary embodiment, control of the secureelement may be transferred from TSM A to an intermediary, such as amobile network operator (“MNO”) TSM, before transfer to TSM B, using oneor more temporary keys. The first temporary key may be encrypted by thezone master key established between TSM A and the MNO TSM and the secondtemporary key may be encrypted by the zone master key establishedbetween the MNO TSM and TSM B. In an alternative exemplary embodiment, asingle temporary key may be used to transfer control from TSM A to theMNO TSM to TSM B.

Once a transfer of control is initiated, the TSM A receives instructionsand agrees to transfer control to a second TSM, for example TSM B or amediator TSM (such as the MNO TSM). TSM A establishes a communicationchannel with the secure element and deletes its key. TSM A creates atemporary key and saves it to the secure element. TSM A encrypts thetemporary key with the zone master key established between TSM A and thesecond TSM. The encrypted temporary key is communicated to the secondTSM with a device identifier. The second TSM decrypts the temporary keyusing the zone master key and identifies the user device using thedevice identifier.

The second TSM establishes a communication channel with the secureelement using the temporary key. Once a communication channel isestablished, the second TSM deletes the temporary key from the secureelement. The second TSM then inputs and saves its key into the secureelement, thereby assuming control of the secure element. In an exemplaryembodiment, the second TSM is the mediator TSM and control is thentransferred to TSM B using the same methods. In an exemplary embodimentthe mediator TSM is a MNO TSM. In an alternative exemplary embodiment,the mediator TSM is a third party entity such as Google. In yet anotheralternative exemplary embodiment the mediator TSM is an operating systemor operating system provider such as Android.

The functionality of the exemplary embodiments will be explained in moredetail in the following description, read in conjunction with thefigures illustrating the program flow.

System Architecture

Turning now to the drawings, in which like numerals indicate like (butnot necessarily identical) elements throughout the figures and exemplaryembodiments are described in detail.

FIG. 1 is a block diagram depicting an operating environment 100 for asystem for transferring control of a secure element 126 using a zonemaster key according to an exemplary embodiment. As depicted in FIG. 1,the exemplary operating environment 100 comprises a user device system120 and two or more secure service provider systems 140 that areconfigured to communicate with one another via one or more networks 130.

The network 130 comprises a telecommunication means by which networkdevices (including devices 120 and 140) can exchange data. For example,the network 130 can be implemented as, or may be a part of, a storagearea network (“SAN”), personal area network (“PAN”), local area network(“LAN”), a metropolitan area network (“MAN”), a wide area network(“WAN”), a wireless local area network (“WLAN”), a virtual privatenetwork (“VPN”), an intranet, the Internet, Bluetooth, NFC or any otherappropriate architecture or system that facilitates the communication ofsignals, data and/or messages (generally referred to as data). In analternative exemplary embodiment, the secure communication channel 130can comprise a cellular network.

In an exemplary embodiment, the user device system 120 can refer to asmart device that can communicate via an electronic, magnetic, or radiofrequency field between the device 120 and another device, such as asmart card (not illustrated) or a reader (not illustrated). In anexemplary embodiment, the user device 120 has processing capabilities,such as storage capacity/memory and one or more applications 122 thatcan perform a particular function. In an exemplary embodiment, thecontactless device 120 contains an operating system (not illustrated)and user interface 121. Exemplary contactless devices 120 include smartphones; mobile phones; personal digital assistants (“PDAs”); mobilecomputing devices, such as netbooks, tablets, and iPads; laptops; andother devices, in each case having processing and user interfacefunctionality.

The contactless device 120 also comprises a secure element 126, whichcan exist within a removable smart chip or a secure digital (“SD”) cardor which can be embedded within a fixed chip on the device 120. Incertain exemplary embodiments, Subscribed Identity Module (“SIM”) cardsmay be capable of hosting a secure element 126, for example, an NFC SIMCard. The secure element 126 allows a software application (notillustrated) resident on the device 120 and accessible by the deviceuser to interact securely with certain functions within the secureelement 126, while protecting information stored within the secureelement. The secure element 126 may comprise applications (notillustrated) running thereon that perform the functionality describedherein.

The secure element 126 includes components typical of a smart card, suchas crypto processors and random generators. In an exemplary embodiment,the secure element 126 comprises a Smart MX type NFC controller 124 in ahighly secure system on a chip controlled by a smart card operatingsystem, such as a JavaCard Open Platform (“JCOP”) operating system. Inanother exemplary embodiment, the secure element 126 is configured toinclude a non-EMV type contactless smart card, as an optionalimplementation.

The secure element 126 communicates with the controller 124 and theapplication 122 in the user device 120. In an exemplary embodiment, thesecure element 126 is capable of storing encrypted user information andonly allowing trusted applications to access the stored information. Thecontroller 124 interacts with a secure key 127 encrypted application fordecryption and installation in the secure element 126.

In an exemplary embodiment, the controller 124 is an NFC controller. TheNFC controller may be capable of sending and receiving data, identifyinga reader or smart card, performing authentication and cipheringfunctions, and directing how the user device 120 will listen fortransmissions from reader/smart card or configure the user device 120into various power-save modes according to the NFC-specified procedures.In an alternative exemplary embodiment, the controller 124 is aBluetooth link controller or a Wi-Fi controller capable of performingsimilar functions.

The application 122 is a program, function, routine, applet or similarentity that exists on and performs its operations on the user device120. For example, the application 122 may be one or more of an offlinepayment application, a digital wallet application, a coupon application,a loyalty card application, another value-added application, a userinterface application, or other suitable application operating on thecontactless device 120. Additionally, the secure element 126 also maycomprise secure contactless software applications, such as an offlinepayment or other payment applications, secure forms of the applications122, authentication applications, payment provisioning applications, orother suitable application using the secure functionality of the secureelement.

The user device 120 communicates with the reader/smart card via anantenna 128. In an exemplary embodiment, once the user deviceapplication 122 has been activated and prioritized, the controller 124is notified of the state of readiness of the user device 120 for atransaction. The controller 124 outputs through the antenna 128 a radiosignal, or listens for radio signals from the reader/smart card.

A secure service provider 140 serves as an intermediary that assistservice providers in securely distributing and managing applications andservices, such as NFC contactless applications services. Exemplarysecure services providers 140 comprise Gemalto and First Data. A trustedservice manager (“TSM”) 145 of the secure service provider 140 typicallyhosts the applications and installs and provisions the applications ontothe secure element 126 of the user device. Each TSM 145 can receive,store and utilize a key 149 for a secure element 126 resident on a userdevice 120. In an exemplary embodiment, one or more keys 149 are storedin a hardware security module (“HSM”). By having the keys 149, the TSM145 can access the secure element 126 via a secure encryptedcommunication channel to install, provision, and customize applicationswithin the secure element 126. In an exemplary embodiment, the key 149allows access and control of the secure element 126 only by the TSM 147with the current access key 149. For example, once control of the secureelement 126 is transferred from TSM A 147A to TSM B 147B, only TSM B 147can access and control the secure element 126 using the TSM B key 149B.The TSM A key 149A will not permit allow access and control of thesecure element 126 by TSM A 145A.

In certain exemplary embodiments, the secure service providers 140bypass the controller 124 resident on the user device 120 whencommunicating with the secure element 126. For example, in certainUICC/SIM secure elements, the secure service providers 140 communicatewith the secure element 126 via a radio CPU (not illustrated) installedon the user device 120. Thus, the involvement of the controller 124 maybe optional during the provisioning of applications on the secureelement 126 in certain exemplary embodiments. In certain exemplaryembodiments, a host CPU (not illustrated) and a radio CPU (notillustrated) interact with one another to coordinate access controls tothe secure element 126.

FIG. 2 is a block diagram depicting an operating environment for asystem for device-mediated transfer of control of a secure elementaccording to an alternative exemplary embodiment. The exemplaryoperating environment 200 comprises many of the same components as thesystem 100, including a user device system 120 and two or more secureservice provider systems 140 that are configured to communicate with oneanother via one or more networks 140. The exemplary operatingenvironment 200 also comprises a mobile network operator (“MNO”) system210.

In an exemplary embodiment, the MNO system 210 is a third party systemthat acts as a mediator during the transfer of control from one TSM 145to another. An exemplary MNO 210 comprises a TSM 215 and one or morekeys 219. The TSM 215 and key 219 function in a similar manner as theTSM 145 and key 149 resident on the secure service provider 140,described previously. In an exemplary embodiment, the user device 120accesses the network 130 via the MNO 210. Exemplary MNOs 210 compriseVerizon, Sprint, and AT&T. The MNO 210 may provide network 130 access tothe user devices 120 via a mobile network (not shown), such as a 3G or4G mobile communication network. In an alternative exemplary embodiment,the user device 120 can access the network 130 via other mechanisms,such as Wi-Fi in connection with an Internet provider, NFC or Bluetooth.

As referred to in this specification the MNO TSM 215 is a mediator TSM.In an exemplary embodiment the mediator TSM is a MNO TSM 215. In analternative exemplary embodiment, the mediator TSM is a third partyentity such as Google or an operating system/operating system providersuch as Android. In this exemplary embodiment, the MNO system 210 cancommunication with the user device using any network 130 and themediator TSM 215 can communicate with the user device 120 via Wi-Fi.

The components illustrated in FIGS. 1-2 will be described in furtherdetail hereinafter with reference to the methods depicted herein.

System Process

FIG. 3 is a block flow diagram depicting a method for transferringcontrol of a secure element 126 using a zone master key according to anexemplary embodiment. The method 300 is described with reference to thecomponents illustrated in FIG. 1.

In block 305, TSM A 145A and TSM B 145B create a zone master key tofacility the transfer of control. The method of creating a zone masterkey is described in more detain hereinafter with reference to themethods described in FIG. 4.

FIG. 4 is a block flow diagram depicting a method for creating a zonemaster key according to an exemplary embodiment, as referenced in block305 of FIG. 3. The method 305 is described with reference to thecomponents illustrated in FIG. 1.

In block 410, TSM A 145A and TSM B 145B agree to create a key exchangezone. In an exemplary embodiment, the agreement between TSM A 145A andTSM B 145B occurs offline at a time prior to the initiation of transferof control of a secure element 126 resident on a user device 120. Forexample, TSM A 145A and TSM B 145B may create an agreement to allow forthe transfer of control of a secure element 126, wherein TSM A 145A andTSM B 145B agree to create a zone master key to facilitate such atransfer. In an exemplary embodiment, the zone master key may be used tofacilitate a transfer from TSM A 145A to TSM B 145B, or vice versa, formultiple user devices at any time after the creation of the key.

In block 420, TSM A 145A and TSM B 145B generate a first part of ashared zone master key. In an exemplary embodiment, the zone master keyis created in three separate parts to be assembled by the HSM 147. In analternative exemplary embodiment, the zone master key is created in asingle part. In this embodiment, the methods described in blocks 440through 470 may be skipped. In yet another alternative exemplaryembodiment, the zone master key is created in more than three parts. Inthis embodiment, the methods described in blocks 420 through 470 may berepeated as required. In yet another alternative exemplary embodiment,the zone master key is created in two parts. In this embodiment, themethods described in blocks 460 through 470 may be skipped.

In block 430, the first part of the zone master key is injected into theHSM 147 of TSM A 145A and TSM B 145B. In an exemplary embodiment, thezone master key parts are injected in the HSM 147A of TSM A 145A and inthe HMS 147B or TSM B 145B. In an exemplary embodiment, the TSM 145inputs the zone master key parts and stores the parts in the HSM 147. Inan exemplary embodiment, once all parts of the zone master key arestored in the HSM 147, the HSM 147 assembles the parts.

In block 440, TSM A 145A and TSM B 145B generate a second part of theshared zone master key.

In block 450, the second part of the zone master key is injected intothe HSM 147 of TSM A 145A and TSM B 145B. In an exemplary embodiment,the TSM 145 inputs the zone master key parts and stores the parts in theHSM 147. In an exemplary embodiment, once all parts of the zone masterkey are stored in the HSM 147, the HSM 147 assembles the parts.

In block 460, TSM A 145A and TSM B 145B generate a third part of theshared zone master key. In an exemplary embodiment, the zone master keyis generated in three parts.

In block 470, the third part of the zone master key is injected into theHSM 147 of TSM A 145A and TSM B 145B. In an exemplary embodiment, theTSM 145 inputs the zone master key parts and stores the parts in the HSM147. In an exemplary embodiment, once all parts of the zone master keyare stored in the HSM 147, the HSM 147 assembles the parts.

In block 480, the zone master key is assembled inside the HSM 147 of TSMA 145A and TSM B 145B. In an exemplary embodiment, the three parts ofthe zone master key created, inputted and stored in the HSM 147 of TSM A145A and TSM B 145B are assembled to create a single key.

In block 490, the zone master key parts are destroyed. In an exemplaryembodiment, once the zone master key parts are assembled and a singlekey is created, the part injected into the HSM 147 of TSM A 145A and TSMB 145B are each removed from the HSM 147 and destroyed.

From block 490, the method proceeds to block 310 in FIG. 3.

Returning to FIG. 3, in block 310, control of the secure element 126resident on the user device 120 is by TSM A 145A. In an exemplaryembodiment, TSM A 145A can access and control of the secure element 126using the access key 149A. In an exemplary embodiment, control of thesecure element 126 may be by TSM B 145B, with control being transferredfrom TSM B 145B to TSM A 145A.

In block 315, control of the secure element 126 is transferred from TSMA 145A to TSM B 145B. The method for transferring control of the secureelement 126 from TSM A 145A to TSM B 145B is described in more detainhereinafter with reference to the methods described in FIG. 5.

FIG. 5 is a block flow diagram depicting a method for transferringcontrol of the secure element 126 from TSM A 145A to TSM B 145Baccording to an exemplary embodiment, as referenced in block 315 of FIG.3. The method 315 is described with reference to the componentsillustrated in FIG. 1.

In block 505, the user (not illustrated) initiates a transfer of controlof the secure element 126 from TSM A 145A to TSM B 145B. In an exemplaryembodiment, the user may access an application 122 resident on the userdevice via the user interface 121 to initiate a transfer of control. Inan alternative exemplary embodiment, the user may initiate a transfer ofcontrol by registering a financial card is managed by secure serviceprovider B 140B in the user's digital wallet application. In yet anotheralternative exemplary embodiment, the transfer of control may beinitiated automatically with the user attempts to make a financialpayment with the user device 120, wherein the financial card is managedby secure service provider B 140B.

In block 510, the application 122 resident on the user device 120receives the user's request to transfer control of the secure element126. In an exemplary embodiment, the application 122 is a secure element126 portability service application.

In block 515, the application 122 authorizes the transfer of controlfrom TSM A 145A to TSM B 145B and instructs TSM A 145A to transfercontrol of the secure element 126 to TSM B 145B. In an exemplaryembodiment, the secure element portability service application 122communicates instructions to TSM A 145A via the network 130.

In block 520, TSM A 145A receives the instructions and agrees totransfer control of the secure element 126 to TSM B 145B. In anexemplary embodiment, TSM A 145A has previously established an agreementwith TSM B 145B regarding the transfer of control of a secure element126 between the TSMs. The TSMs have previously created a zone master keyto facilitate the transfer of such control. In an exemplary embodiment,once TSM A 145A receives instructions to transfer control, it confirmsthe existence of a transfer agreement between the TSMs before agreeingto transfer control.

In block 525, TSM A 145A initiates a secure communication channel withthe secure element 126 using existing access keys of TSM A 145A storedin the secure element 126. In an exemplary embodiment, the securecommunication channel is via the network 130.

In block 530, TSM A 145A deletes all TSM A keys 149A from the secureelement 126. In an exemplary embodiment, removal of the TSM A keys 149Afrom the secure element 126 ensure that TSM A 145A will no longer havecontrol or access to the secure element 126.

In block 535, TSM A 145A creates a temporary key. In an exemplaryembodiment, the temporary key is different from the TSM A key 149previously deleted from the secure element 126. In an exemplaryembodiment, the temporary key provides for the transfer of control fromone TSM 145 to another.

In block 540, TSM A 145A injects the temporary key into the secureelement 126. In an exemplary embodiment, TSM A 145A inputs and storesthe temporary key in the secure element 126 to facilitate the transferof control to TSM B 145B.

In block 545, TSM A 145A encrypts the temporary key with the zone masterkey established between TSM A 145A and TSM B 145B. In an exemplaryembodiment, the zone master key is shared by TSM A 145A and TSM B 145Band was created in block 305.

In block 550, TSM A 145A communicates the temporary key encrypted withthe zone master key established between TSM A 145A and TSM B 145, alongwith the user device 120 identifier to TSM B 145B. In an exemplaryembodiment, the user device 120 identifier may be used by TSM B 145B toidentify the user device 120 and secure element 126 prior to accessingthe secure element 126 and establishing control.

The method then proceeds to block 320 in FIG. 3.

Returning to FIG. 3, in block 320, TSM B 145B injects the temporary keyencrypted with the zone master key received from TSM A 145A into the HSM147B. In an exemplary embodiment, TSM B 145B inputs and saves thetemporary key encrypted with the zone master key into the HSM 147B.

In block 325, TSM B 145B decrypts the temporary key using the zonemaster key established between TSM A 145A and TSM B 145B.

In block 330, TSM B 145B identifies the user device 120 using the deviceidentifier communicated by TSM A 145A. In an exemplary embodiment, TSM B145B contacts the MNO 210 to identify the user device 120 using thedevice identifier. In an exemplary embodiment, the MNO 210 facilitatesidentification of the user device 120 and secure element 126.

In block 335, TSM B 145B establishes a secure communication channel withthe secure element 126 using the temporary key. In an exemplaryembodiment, the secure communication channel is via the network 130.

In block 340, TSM B 145B deletes the temporary key from the secureelement 126 and injects the TSM B key 149B. In an exemplary embodiment,TSM B 145B inputs the TSM B key 149B and saves it to the secure element126 to assume control of the secure element 126. In an exemplaryembodiment, TSM A 145A can no longer access or control the secureelement once the temporary key is removed from the secure element by TSMB 145B.

In block 345, TSM B 145B assumes control of the secure element 126. Inan exemplary embodiment, the communication channel is terminated at anysuitable time after TSM B 145B inputs and saves the TSM B key 149B tothe secure element.

From block 345, the method 300 ends.

FIG. 6 is a block flow diagram depicting a method for device-mediatedtransfer of control of a secure element 126 according to an exemplaryembodiment. The method 600 is described with reference to the componentsillustrated in FIG. 2.

In block 605, the MNO TSM 215 establishes separate zone master keys withTSM A 145A and TSM B. In an exemplary embodiment, block 605 of FIG. 6can be performed in a manner described previously with reference toblock 305 of FIGS. 3-4, except the MNO TSM 215 performs the method 305separately with each of the TSM A 145A and the TSM B 145B. In anexemplary embodiment, the MNO TSM 215 is a mediator that can include aMNO, third party entity, an operating system, an operating systemprovider or other TSM facilitating the transfer of control of the secureelement 126 from one TSM 145 to another.

In block 610, control of the secure element 126 resident on the userdevice 120 is by TSM A 145A. In an exemplary embodiment, TSM A 145A canaccess and control of the secure element 126 using the access key 149A.In an exemplary embodiment, control of the secure element 126 may be byTSM B 145B, with control being transferred from TSM B 145B to TSM A145A.

In block 615, control of the secure element 126 is transferred from TSMA 145A to the MNO TSM 215. The method 615 for transferring control ofthe secure element 126 from TSM A 145A to the MNO TSM 215 is describedin more detail hereinafter with reference to the methods described inFIG. 7.

FIG. 7 is a block flow diagram depicting a method for transferringcontrol of a secure element 126 from TSM A 145A to the MNO TSM 215according to an exemplary embodiment, as referenced in block 615 of FIG.6. The method 615 is described with reference to the componentsillustrated in FIGS. 1-2.

In an exemplary embodiment, blocks 505 through 550 of FIG. 7 can beperformed in a manner described previously with reference to blocks 505through 550 of FIG. 5, except that TSM A 145A transfers control of thesecure element 126 to the MNO TSM 215 instead of TSM B 145B. In anexemplary embodiment, transfer of control from TSM A 145A to the MNO TSM215 is facilitated by the creation of a first temporary key encrypted bythe zone master key established between TSM A 145A and the MNO TSM 215,according to the methods described previously with reference to blocks505 through 550 of FIG. 5.

From block 550 of FIG. 7, the method 615 proceeds to block 620 of FIG.6.

Returning to FIG. 6, in block 620, control of the secure element 126 istransferred from the MNO TSM 215 to TSM B 145B. The method 620 fortransferring control of the secure element 126 from the MNO TSM 215 toTSM B 145B is described in more detail hereinafter with reference to themethods described in FIG. 8.

FIG. 8 is a block flow diagram depicting a method for transferringcontrol of a secure element 126 from the MNO TSM 215 to TSM B 145Baccording to an exemplary embodiment, as referenced in block 620 of FIG.6. The method 620 is described with reference to the componentsillustrated in FIGS. 1-2.

In block 805, the MNO TSM 215 decrypts the first temporary key using thezone master key established between the MNO TSM 215 and the TSM A 145A.

In block 810, the MNO TSM 215 uses the device identifier to identify theuser device 120.

In an exemplary embodiment, blocks 525 through 550 of FIG. 8 can beperformed in a manner described previously with reference to block 525through 550 of FIG. 5, except that the MNO TSM 215, instead of the TSM A145A, transfers control of the secure element 126 to the TSM B 145B. Inan exemplary embodiment, transfer of control from the MNO TSM 215 to theTSM B 145B is facilitated by the creation of a second temporary keyencrypted by the zone master key established between the MNO TSM 215 andTSM B 145B, according to the methods described previously with referenceto blocks 525 through 550 of FIG. 5.

From block 550 of FIG. 8, the method 620 proceeds to block 625 of FIG.6.

Returning to FIG. 6, in block 625, TSM B 145B decrypts the secondtemporary key using the zone master key established between the MNO TSM215 and TSM B 145B.

In block 630, TSM B 145B identifies the user device 120 using the deviceidentifier communicated by the MNO TSM 215.

In block 635, TSM B 145B establishes a secure communication channel withthe secure element 126 using the second temporary key. In an exemplaryembodiment, the secure communication channel is via the network 130.

In block 640, TSM B 145B deletes the second temporary key from thesecure element 126. In an exemplary embodiment, MNO TSM 215 can nolonger access or control the secure element once the second temporarykey is removed from the secure element 126 by TSM B 145B.

In block 645, TSM B 145B injects the TSM B key 149B. In an exemplaryembodiment, TSM B 145B inputs the TSM B key 149B and saves it to thesecure element 126 to assume control of the secure element 126.

In block 650, TSM B 145B assumes control of the secure element 126. Inan exemplary embodiment, the communication channel is terminated at anysuitable time after TSM B 145B inputs and saves the TSM B key 149B tothe secure element.

From block 650, the method 600 ends.

General

Users may be allowed to limit or otherwise affect the operation of thefeatures disclosed herein. For example, users may be given opportunitiesto opt-in or opt-out of the collection or use of certain data or theactivation of certain features. In addition, users may be given theopportunity to change the manner in which the features are employed,including for situations in which users may have concerns regardingprivacy. Instructions also may be provided to users to notify themregarding policies about the use of information, including personallyidentifiable information, and manners in which each user may affect suchuse of information. Thus, information can be used to benefit a user, ifdesired, through receipt of relevant advertisements, offers, or otherinformation, without risking disclosure of personal information or theuser's identity.

One or more aspects of the exemplary embodiments may include a computerprogram that embodies the functions described and illustrated herein,wherein the computer program is implemented in a computer system thatcomprises instructions stored in a machine-readable medium and aprocessor that executes the instructions. However, it should be apparentthat there could be many different ways of implementing the exemplaryembodiments in computer programming, and the exemplary embodimentsshould not be construed as limited to any one set of computer programinstructions. Further, a skilled programmer would be able to write sucha computer program to implement an embodiment based on the appended flowcharts and associated description in the application text. Therefore,disclosure of a particular set of program code instructions is notconsidered necessary for an adequate understanding of how to make anduse the exemplary embodiments. Moreover, any reference to an act beingperformed by a computer should not be construed as being performed by asingle computer as more than one computer may perform the act.

The exemplary systems, methods, and blocks described in the embodimentspresented previously are illustrative, and, in alternative embodiments,certain blocks can be performed in a different order, in parallel withone another, omitted entirely, and/or combined between differentexemplary methods, and/or certain additional blocks can be performed,without departing from the scope and spirit of the invention.Accordingly, such alternative embodiments are included in the inventiondescribed herein.

The invention can be used with computer hardware and software thatperforms the methods and processing functions described above. As willbe appreciated by those having ordinary skill in the art, the systems,methods, and procedures described herein can be embodied in aprogrammable computer, computer executable software, or digitalcircuitry. The software can be stored on computer readable media. Forexample, computer readable media can include a floppy disk, RAM, ROM,hard disk, removable media, flash memory, memory stick, optical media,magneto-optical media, CD-ROM, etc. Digital circuitry can includeintegrated circuits, gate arrays, building block logic, fieldprogrammable gate arrays (“FPGA”), etc.

Although specific embodiments of the invention have been described abovein detail, the description is merely for purposes of illustration.Various modifications of, and equivalent blocks and componentscorresponding to, the disclosed aspects of the exemplary embodiments, inaddition to those described above, can be made by those having ordinaryskill in the art without departing from the spirit and scope of theinvention defined in the following claims, the scope of which is to beaccorded the broadest interpretation so as to encompass suchmodifications and equivalent structures.

1. A computer-implemented method for transferring control of a secureelement, comprising: creating, by a computer, a master key between afirst trusted service manager (“TSM”) and a second TSM, wherein themaster key facilitates a transfer of control of a secure element fromthe first TSM to the second TSM; receiving, by the computer, a requestto transfer control of the secure element from the first TSM to thesecond TSM; initiating, by the computer, a secure communication channelwith the secure element, wherein, the secure communication channel isestablished using an access key known by the first TSM that is residenton the secure element; communicating, by the computer, an instruction todelete the access key from the secure element; creating, by thecomputer, a temporary key; communicating, by the computer, the temporarykey to the secure element; encrypting, by the computer, the temporarykey using the master key established between the first TSM and thesecond TSM; and communicating, by the computer, the encrypted temporarykey to the second TSM for the second TSM to access the secure element.2. The computer-implemented method of claim 1, wherein the computer is afirst secure service provider that operates the first TSM.
 3. Thecomputer-implemented method of claim 1, wherein creating the master keycomprises: generating, by the computer, a first part of the master key;inputting, by the computer, the first part of the master key into ahardware security module resident on the first TSM; generating, by thecomputer, a second part of the master key; inputting, by the computer,the second part of the master key into the hardware security moduleresident on the first TSM; assembling, by the computer, the first andsecond master key parts in the hardware security module resident on thefirst TSM; and destroying, by the computer, the master key parts.
 4. Thecomputer-implemented method of claim 1, further comprising terminating,by the computer, the secure communication channel with the secureelement.
 5. The computer-implemented method of claim 1, furthercomprising communicating, by the computer, a user device identifier tothe second TSM, wherein the user device identifier may be used by thesecond TSM to identify the secure element.
 6. The computer-implementedmethod of claim 1, wherein communicating the encrypted temporary key tothe second TSM for the second TSM to access the secure element comprisescommunicating the encrypted temporary key to a mediator TSM.
 7. Thecomputer-implemented method of claim 1, wherein the second TSM is themediator TSM.
 8. The computer-implemented method of claim 7, furthercomprising: decrypting, by the second TSM, the temporary key using themaster key established between the first TSM and the second TSM;initiating, by the second TSM, a secure communication channel with thesecure element, wherein the secure communication channel is establishedusing the temporary key decrypted by the second TSM; deleting, by thesecond TSM, the temporary key from the secure element; creating, by themediator TSM, a second temporary key; communicating, by the second TSM,the second temporary key to the secure element; encrypting, by themediator TSM, the second temporary key using a second master keyestablished between the second TSM and a third TSM; and communicating,by the mediator TSM, the encrypted second temporary key to the third TSMfor the third TSM to access the secure element.
 9. Acomputer-implemented method for transferring control of a secureelement, comprising: creating, by a computer, a first master key betweena first trusted service manager (“TSM”) and a mediator TSM, wherein thefirst master key facilitates a transfer of control of a secure elementfrom the first TSM to the mediator TSM; creating, by a computer, asecond master key between the mediator TSM and a second TSM, wherein thesecond master key facilitates a transfer of control of the secureelement from the mediator TSM to the second TSM; receiving, by thecomputer, a first temporary key from the first TSM to transfer controlof the secure element from the first TSM to the mediator TSM, whereinthe first temporary key is encrypted by the first master key establishedbetween the first TSM and the mediator TSM, and wherein the firsttemporary key has been saved on the secure element; decrypting, by thecomputer, the first temporary key using the first master key establishedbetween the first TSM and the mediator TSM; initiating, by the computer,a secure communication channel with the secure element, wherein thesecure communication channel is established using the first temporarykey decrypted by the mediator TSM; communicating, by the computer, aninstruction to delete the first temporary key from the secure element;creating, by the computer, a second temporary key; communicating, by thecomputer, the second temporary key to the secure element; encrypting, bythe computer, the second temporary key using the second master keyestablished between the mediator TSM and the second TSM; andcommunicating, by the computer, the encrypted second temporary key tothe second TSM for the second TSM to access the secure element.
 10. Thecomputer-implemented method of claim 9, wherein the computer is a mobileoperating network that operates the mediator TSM.
 11. Thecomputer-implemented method of claim 9, wherein creating one of thefirst and second master keys comprises: generating, by the computer, afirst part of the master key; inputting, by the computer, the first partof the master key into a hardware security module; generating, by thecomputer, a second part of the master key; inputting, by the computer,the second part of the master key into the hardware security module;assembling, by the computer, the master key parts in the hardwaresecurity module; and destroying, by the computer, the master key parts.12. The computer-implemented method of claim 9, further comprisingterminating, by the computer, the secure communication channel with thesecure element.
 13. The computer-implemented method of claim 9, furthercomprising communicating, by the computer, a user device identifier tothe second TSM, wherein the user device identifier may be used by thesecond TSM to identify the secure element.
 14. A computer programproduct, comprising: a non-transitory computer-readable medium havingcomputer-readable program code embodied therein for transferring controlof a secure element, the computer-readable medium comprising:computer-readable program code for receiving a first temporary key froma first trusted service manager (“TSM”) to transfer control of a secureelement from the first TSM to a mediator TSM; computer-readable programcode for initiating a secure communication channel with the secureelement, wherein the secure communication channel is established usingthe first temporary key and wherein the first temporary key is residenton the secure element; computer-readable program code for creating asecond temporary key, wherein the second temporary key is inputted andsaved on the secure element; and computer-readable program code forcommunicating the second temporary key to the second TSM.
 15. Thecomputer program product of claim 14, further comprising:computer-readable program code for creating a first master key betweenthe first TSM to the mediator TSM, wherein the master key facilitates atransfer of control of the secure element from the first TSM to themediator TSM; and computer-readable program code for creating a secondmaster key between the mediator TSM to the second TSM, wherein themaster key facilitates a transfer of control of the secure element fromthe mediator TSM to the second TSM.
 16. The computer program product ofclaim 15, wherein the first temporary key is encrypted by the master keyestablished between the first TSM and the mediator TSM.
 17. The computerprogram product of claim 15, further comprising computer-readableprogram code for decrypting the first temporary key using the firstmaster key established between the first TSM and the mediator TSM. 18.The computer program product of claim 15, further comprisingcomputer-readable program code for encrypting the second temporary keyusing the master key established between the second TSM and the mediatorTSM prior to communicating the second temporary key to the second TSM.19. The computer program product of claim 15, wherein thecomputer-readable program code for creating one of the first and secondmaster keys comprises: computer-readable program code for generating afirst part of the master key; computer-readable program code forinputting the first part of the master key into a hardware securitymodule; computer-readable program code for generating a second part ofthe master key; computer-readable program code for inputting the secondpart of the master key into the hardware security module;computer-readable program code for assembling the master key parts inthe hardware security module; and computer-readable program code fordestroying the master key parts.
 20. The computer program product ofclaim 14, further comprising computer-readable program code for deletingthe first temporary key from the secure element.
 21. The computerprogram product of claim 20, wherein the computer-readable program codefor deleting the access key from the secure element comprisescomputer-readable program code for communicating an instruction to thesecure element to delete the access key from the secure element.
 22. Thecomputer program product of claim 14, further comprisingcomputer-readable program code for terminating the secure communicationchannel with the secure element.
 23. The computer program product ofclaim 14, further comprising computer-readable program code forcommunicating a user device identifier to the second TSM, wherein theuser device identifier may be used by the second TSM to identify thesecure element.
 24. A system for transferring control of a secureelement, the system comprising: a storage medium; and a processorconfigured to execute computer-executable instructions stored in thestorage medium, the computer-executable instructions comprising:instructions for receiving a first temporary key from a first TSM totransfer control of a secure element from the first TSM to a mediatorTSM; instructions for decrypting the first temporary key using the firstmaster key established between the first TSM and the mediator TSM;instructions for initiating a secure communication channel with thesecure element, wherein the secure communication channel is establishedusing the first temporary key decrypted by the mediator TSM;instructions for communicating an instruction to delete the firsttemporary key from the secure element; instructions for creating asecond temporary key; instructions for communicating the secondtemporary key to the secure element; and instructions for communicatingthe second temporary key to the second TSM for the second TSM to accessthe secure element.
 25. The system of claim 24, the computer-executableinstructions further comprising instructions for creating a first masterkey between the first TSM to the mediator TSM, wherein the master keyfacilitates a transfer of control of the secure element from the firstTSM to the mediator TSM; and instructions for creating a second masterkey between the mediator TSM to the second TSM, wherein the master keyfacilitates a transfer of control of the secure element from themediator TSM to the second TSM.
 26. The system of claim 24, thecomputer-executable instructions further comprising instructions forencrypting the second temporary key by the second master key establishedbetween the mediator TSM and the second TSM prior to communicating thesecond temporary key to the second TSM.
 27. The system of claim 24,wherein the computer-executable instructions for creating one of thefirst and second master keys comprises: instructions for generating afirst part of the master key; instructions for inputting the first partof the master key into a hardware security module; instructions forgenerating a second part of the master key; instructions for inputtingthe second part of the master key into the hardware security module;instructions for assembling the master key parts in the hardwaresecurity module; and computer-readable program code for destroying themaster key parts.
 28. The system of claim 24, the computer-executableinstructions further comprising instructions for terminating the securecommunication channel with the secure element.
 29. The system of claim24, the computer-executable instructions further comprising instructionsfor communicating a user device identifier to the second TSM, whereinthe user device identifier may be used by the second TSM to identify thesecure element.